January 2, 2012

Time to Change Your Password

Filed under: Main — admin @ 12:01 am

Security experts, and those who pretend to be security experts, recommend that you change your password often. How often? Well, often it seems like they want you to change your password every 90 seconds. When that’s not feasible, then changing your passwords at the start of each new year works.

Guess what! It’s the start of a new year.

Up front, I’ll admit that I’m not changing my passwords. I have dozens of them. In fact, I have so many, I often forget them and have written them down on a sheet of paper. That’s because I refuse to keep using the same password over and over. And I’m adamantly against wasting valuable brain cells remembering all my passwords.

The traditional thinking goes that your password should have the following attributes:

  • Be at least 6 or 8 characters long.
  • Contain both letters and numbers.
  • Contain at least one capital letter.
  • Contain a symbol, if allowed.
  • Be easy to forget or difficult to type, or both.

Even if you concoct a memorable password with all those attributes, evil software can crack your password given enough time. That’s because such cryptic passwords are difficult for humans to remember, but not for computers to divine.

If you really want to baffle computer password-cracking software, then you need to use your brain and create a password that you can easily remember and which a computer could never guess.

The current thinking is that a complex password involves four separate words. For example:

fire-thumb-coffee-table

That seems like a dumb password, but it’s actually quite clever: It would take a computer years to crack it, or at least that’s what I remember reading somewhere.

Sure, the password may fail on those web sites that demand it have at least one capital letter and one number. So:

A1-fire-thumb-coffee-table

The idea is to create a password that contains multiple separate, common words. Somehow a computer is incapable of guessing such word combinations. Or it would simply take the computer just as long, if not longer, to guess that type of password as it would an impossible-to-memorize password like arc5782-Jf07.

Something like that.

Anyway, if you’re in the mood, consider a password change. And consider using common words in your passwords. If anything, at least those newer passwords will be easier to remember than your current passwords.
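To put numbers on the comparison above, here is an added example (not part of the original post) that sizes the search space for the post's three passwords under two attacker models: a blind character-by-character brute force, and an attacker who knows the password is four words from a list. The 7776-word list size, the modelling of the "A1" prefix, and any guess rate passed to `years_to_exhaust` are assumptions.

```python
import math
import string

# Assumption: words are drawn at random from a 7776-word list (the size of
# the standard Diceware list) and the attacker knows that scheme.
WORDLIST_SIZE = 7776

CHAR_CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
                string.digits, string.punctuation)


def charset_size(password):
    """Alphabet a blind character brute force must cover for this password."""
    return sum(len(c) for c in CHAR_CLASSES if any(ch in c for ch in password))


def brute_force_bits(password):
    """Search space in bits when every character is guessed independently."""
    return len(password) * math.log2(charset_size(password))


def passphrase_bits(n_words, extra_choices=1):
    """Search space in bits for n random words plus a fixed-format extra part."""
    return n_words * math.log2(WORDLIST_SIZE) + math.log2(extra_choices)


def years_to_exhaust(bits, guesses_per_second):
    """Years needed to try every candidate at an assumed guess rate."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)


def compare():
    """Bits for the post's three passwords under each attacker model."""
    return {
        "fire-thumb-coffee-table": {
            "blind": brute_force_bits("fire-thumb-coffee-table"),
            "word_aware": passphrase_bits(4),
        },
        # "A1" prefix modelled as one capital letter (26) and one digit (10).
        "A1-fire-thumb-coffee-table": {
            "blind": brute_force_bits("A1-fire-thumb-coffee-table"),
            "word_aware": passphrase_bits(4, extra_choices=26 * 10),
        },
        # Treated as 12 random printable characters; no word model applies.
        "arc5782-Jf07": {"blind": brute_force_bits("arc5782-Jf07")},
    }


if __name__ == "__main__":
    for password, bits in compare().items():
        print(password, {k: round(v, 1) for k, v in bits.items()})
```

Against a blind brute force the four-word password comes out near 134.7 bits versus about 78.7 for arc5782-Jf07, but against a word-aware attacker it is about 51.7 bits. That figure holds only when the words are picked at random, and how long exhausting it takes depends entirely on the guess rate you assume.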

2 Comments

  1. This is a dandy tool that I also use when changing/choosing my passwords:
    https://www.grc.com/haystack.htm

    Comment by gamerguy473 — January 2, 2012 @ 5:51 pm

  2. Pretty cool!

    Comment by admin — January 2, 2012 @ 6:00 pm
